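/**
 * Dispatches the current request and sends the HTTP response.
 *
 * Order of checks: authenticate first (a failure answers 401 and runs no
 * handler); then, for POST requests only, route by resource name to the
 * matching handler. Any method/resource combination not routed here leaves
 * $result without a status and is answered with 500 (behaviour kept as in
 * the original; a 404/405 may be more accurate — confirm with API clients
 * before changing it).
 *
 * Each handler is expected to return an array with a 'status' key and an
 * optional 'data' key; authorization of the concrete action is presumably
 * done inside the handlers, not here.
 *
 * @return void
 */
public function handleRequest()
{
    $result = [];

    if (!$this->authenticate()) {
        $result['status'] = Response::STATUS_UNAUTHORIZED;
    } elseif ($this->method === 'post') {
        // Strict comparison: the loose `==` of the original can match
        // non-string values on older PHP versions.
        if ($this->resource === 'cart') {
            $result = $this->cart($this->data);
        } elseif ($this->resource === 'order/accept') {
            $result = $this->orderAccept($this->data);
        } elseif ($this->resource === 'order/status') {
            $result = $this->orderStatus($this->data);
        }
    }

    if (!empty($result['status'])) {
        $data = isset($result['data']) ? $result['data'] : '';
        $response = new Response($result['status'], $data, $this->accept_type);
    } else {
        // Unrouted request, or a handler that returned no status
        $response = new Response(Response::STATUS_INTERNAL_SERVER_ERROR);
    }

    $response->send();
}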
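/**
 * Creates the entity object for a resource, runs the requested action and
 * builds the response.
 *
 * Resolution order:
 *  1. resolve the entity object — null for a "fake" entity that only exists
 *     in $this->fake_entities and has no parent;
 *  2. attach parent name/data when a parent result is given;
 *  3. reject an invalid identifier (null response);
 *  4. for a nested path, run index() on this entity — denied by default and
 *     only allowed when checkAccess() grants it — and recurse into the child
 *     entity with this result as its parent data;
 *  5. otherwise execute the action on this entity.
 *
 * @param array       $entity_properties Entity properties ('name', optional 'id', optional 'child_entity')
 * @param string|null $parent_name       Parent entity name
 * @param array|null  $parent_data       Parent entity result ('status', 'data')
 * @return Response|null Response, or null when the identifier is invalid
 */
private function getResponseFromEntity($entity_properties, $parent_name = null, $parent_data = null)
{
    $response = null;
    $entity = $this->getObjectByEntity($entity_properties);

    // Fake entity can't have a parent. Parentheses make the && / || precedence
    // of the original condition explicit.
    if ($entity !== null || (isset($this->fake_entities[$entity_properties['name']]) && !$parent_data)) {
        if (!empty($parent_data['data'])) {
            $entity->setParentName($parent_name);
            $entity->setParentData($parent_data['data']);
        }

        // $entity is null for a fake entity, so the id can only be validated
        // against a real object (the original would call a method on null).
        if ($entity !== null && !empty($entity_properties['id']) && !$entity->isValidIdentifier($entity_properties['id'])) {
            $response = null;
        } elseif (!empty($entity_properties['child_entity'])) {
            // Deny by default; only an allowed index() on the parent can lead
            // to the child entity.
            $parent_result = ['status' => Response::STATUS_FORBIDDEN];
            if ($this->checkAccess($entity, 'index')) {
                $parent_result = $entity->index($entity_properties['id']);
            }

            if (Response::isSuccessStatus($parent_result['status'])) {
                $name = $entity_properties['name'];
                $entity_properties = $this->getEntityFromPath($entity_properties['child_entity']);
                $response = $this->getResponseFromEntity($entity_properties, $name, $parent_result);
            } else {
                $response = new Response($parent_result['status']);
            }
        } else {
            // NOTE(review): for a fake entity $entity is null here — exec() is
            // presumably prepared for that; confirm.
            $response = $this->exec($entity, $entity_properties);
        }
    } else {
        $response = new Response(
            Response::STATUS_NOT_FOUND,
            __('object_not_found', ['[object]' => __('entity') . ' ' . $entity_properties['name']]),
            $this->request->getAcceptType()
        );
    }

    return $response;
}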
/**
 * Init selected company
 * Selected company id will be saved in the registry runtime.company_id
 *
 * Resolution order (a later step overrides an earlier one):
 *  1. API request in the admin area: the company comes from the API user; a
 *     `stores/N/...` or `vendors/N/...` resource narrows it to N, and a user
 *     already bound to a company who addresses another store gets 403.
 *     Missing API user data gives 401; an object that is not an Api gives 403.
 *  2. Admin area with a vendor admin session (auth.company_id): that company
 *     wins and is the only available one; an unavailable one redirects to
 *     'access_denied'.
 *  3. Otherwise (no company bound yet) a switch requested through
 *     $params['switch_company_id'] is honoured only if that company is
 *     available, and is persisted in the session; without a request the
 *     previously selected company is restored from the session.
 *
 * @param array $params request parameters ('switch_company_id' is consumed and unset)
 * @return array with init data (init status, redirect url in case of redirect)
 */
function fn_init_company_id(&$params)
{
    $company_id = 0;
    $available_company_ids = array();
    $result = array(INIT_STATUS_OK);

    // false = no switch requested; 0 = explicit switch back to "all companies"
    if (isset($params['switch_company_id'])) {
        $switch_company_id = intval($params['switch_company_id']);
    } else {
        $switch_company_id = false;
    }

    if (defined('API')) {
        $api = Tygh::$app['api'];
        $api_response_status = false;

        if ($api instanceof Api) {
            if (AREA == 'A') {
                if ($user_data = $api->getUserData()) {
                    $company_id = 0;
                    if ($user_data['company_id']) {
                        // user bound to a single company (e.g. a vendor)
                        $company_id = $user_data['company_id'];
                    }

                    $store = array();
                    // NOTE(review): the pattern is unanchored, so the segment
                    // is matched anywhere in the resource path — confirm the
                    // resource is normalised before it gets here.
                    if (preg_match('/(stores|vendors)\\/(\\d+)\\/.+/', $api->getRequest()->getResource(), $store)) {
                        if ($company_id && $company_id != $store[2]) {
                            // a company-bound user may not address another company's store
                            $api_response_status = Response::STATUS_FORBIDDEN;
                        }
                        $company_id = intval($store[2]);
                        if (!fn_get_available_company_ids($company_id)) {
                            // unknown or unavailable store: fall back to "all companies"
                            $company_id = 0;
                        }
                    }
                } else {
                    $api_response_status = Response::STATUS_UNAUTHORIZED;
                }
            }
        } else {
            $api_response_status = Response::STATUS_FORBIDDEN;
        }

        if ($api_response_status) {
            $response = new Response($api_response_status);
            // The original marks this as the exit point: send() is expected
            // to end the request, so nothing below runs for a rejected API
            // request.
            $response->send();
        }
    }

    // set company_id for vendor's admin
    if (AREA == 'A' && !empty(Tygh::$app['session']['auth']['company_id'])) {
        $company_id = intval(Tygh::$app['session']['auth']['company_id']);
        $available_company_ids = array($company_id);
        if (!fn_get_available_company_ids($company_id)) {
            return fn_init_company_id_redirect($params, 'access_denied');
        }
    }

    // admin switching company_id
    // Skipped when a company is already bound above, so a vendor admin
    // cannot switch to another company via the request parameter.
    if (!$company_id) {
        if ($switch_company_id !== false) {
            // request not empty
            if ($switch_company_id) {
                // the switch is only accepted for an available company
                if (fn_get_available_company_ids($switch_company_id)) {
                    $company_id = $switch_company_id;
                } else {
                    return fn_init_company_id_redirect($params, 'company_not_found');
                }
            }
            fn_set_session_data('company_id', $company_id, COOKIE_ALIVE_TIME);
        } else {
            $company_id = fn_init_company_id_find_in_session();
        }
    }

    if (empty($available_company_ids)) {
        $available_company_ids = fn_get_available_company_ids();
    }

    // hook may adjust company_id, available ids and result by reference
    fn_set_hook('init_company_id', $params, $company_id, $available_company_ids, $result);

    Registry::set('runtime.company_id', $company_id);
    Registry::set('runtime.companies_available_count', count($available_company_ids));

    unset($params['switch_company_id']);

    return $result;
}